Lessons learnt from recent US Samsung data breach

Share
Chad McDonald, CISO at Radiant Logic, shares his views on the importance of strong Identity Access Management principles after the Samsung US data breach.

Samsung recently confirmed it suffered a data breach which led to the personal information of customers being leaked online.

The company revealed that customer data had been compromised on 4 August, following an apparent security incident in the preceding weeks. It also said that an “unauthorized third party" had acquired information from some of Samsung’s US systems, including names, contact information, dates of birth and product registration details. However, no credit card numbers or social security numbers were breached.

A spokesman said in a statement: "Samsung detected the incident and has taken actions to secure the affected systems. As part of our ongoing investigation, we have engaged a leading outside cybersecurity firm and are coordinating with law enforcement. We are notifying customers to make them aware of this matter.

"At Samsung, we value the trust our customers place in our products and services – trust that we have built up over many years. This is why the security and privacy of our customers’ data is of the utmost importance to us, and our products and services are designed and built with this top of mind."

Failure to manage identity data 

Chad McDonald, CISO at Radiant Logic, says that for many organisations, breaches like this are the result of failing to manage identity data and implement strong Identity Access Management principles.

"It is extremely serious that an unauthorised user was able to get their hands on Samsung customers’ personal information," he said.

"Many organisations suffer from identity sprawl, where identity data is spread across different applications which cannot communicate with each other, which ultimately means that systems - and therefore data - is siloed. This poses a huge security risk, with siloed systems increasing the attack surface of an organisation and creating gaps for threat actors to exploit

"Heavily siloed systems result in organisations failing to build complete and accurate user profiles. Security teams then struggle to properly identify users and give them the correct access, ultimately leading to security breaches such as this one on Samsung.

"Organisations need an Identity Access Management solution which can unify and streamline their identity data to provide complete and accurate user profiles. With complete visibility over systems, security teams are then able to properly track who should be accessing what, therefore reducing the risk of a serious breach," he added. 

What is identity managament?

According to cybersecurity company, VMWare, Identity management (IdM), also known as identity and access management (IAM) ensures that authorised people – and only authorised people – have access to the technology resources they need to perform their job functions. It includes polices and technologies that encompass an organisation-wide process to properly identify, authenticate, and authorise people, groups of people, or software applications through attributes including user access rights and restrictions based on their identities.

An identity management system prevents unauthorised access to systems and resources, helps prevent exfiltration of enterprise or protected data, and raises alerts and alarms when access attempts are made by unauthorized personnel or programs, whether from inside or outside the enterprise perimeter.

Identity management solutions not only protect software and data access, they also protect the hardware resources in an enterprise, such as servers, networks, and storage devices from unauthorised access which could lead to a ransomware attack. Identity management has gained importance over the past decade due to the growing number of global regulatory, compliance, and governance mandates that seek to protect sensitive data from exposure of any kind.

IdM and IAM systems generally are part of IT security and IT Data management within the enterprise, and identity and access management tools are widely available for the broad range of devices that users rely on to perform business functions from phones and tablets to desktop computers running Windows, Linux, iOS or Android.


Share

Featured Articles

Kyndryl and AWS: The Cyber Issues Facing the Energy Sector

Kyndryl and AWS survey highlights the cybersecurity readiness gap in energy enterprises, with oil & gas organisations among the top groups at risk

Customer Confidence: Hiscox Reveals Growing Cost of Attacks

Hiscox study shows 43% of businesses lost customers after breaches, an almost doubling in sentiments

Supply Chain Security: Why Is It Key for the Energy Sector?

Check Point Software and Black Duck analyse KPMG research that analyses why the energy sector is at such high risk of supply chain attacks

Top 10 OT Platforms

Operational Security

Microsoft: What Satya Nadella's $5m Pay Cut Says About Cyber

Cyber Security

Armis Security: The Company Reaching Valuations of $4.3bn

Cyber Security